-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathDockerfile
123 lines (94 loc) · 3.31 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# This is a multi-stage build file, which means a stage is used to build
# the backend (dependencies), the frontend stack and a final production
# stage re-using assets from the build stages. This keeps the final production
# image minimal in size.
# Stage 1 - Backend build environment
# includes compilers and build tooling to create the environment
FROM python:3.10-slim-bullseye AS backend-build
RUN apt-get update && apt-get install -y --no-install-recommends \
libpq-dev \
build-essential \
python3-dev \
git \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
RUN mkdir /app/src
ENV VIRTUAL_ENV=/opt/venv
RUN python3 -m venv $VIRTUAL_ENV
ENV PATH="$VIRTUAL_ENV/bin:$PATH"
# Ensure we use the latest version of pip
RUN pip install "pip<24" -U
COPY ./requirements /app/requirements
RUN pip install -r requirements/setuptools.txt
RUN pip install -r requirements/production.txt
# Stage 2 - Install frontend deps and build assets
FROM node:18-buster AS frontend-build
RUN apt-get update && apt-get install -y --no-install-recommends \
git \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
# setup for rijkshuisstijl
COPY ./bin/collect.sh /app/bin/collect.sh
COPY --from=backend-build /opt/venv/ /app/venv/
ENV VIRTUAL_ENV=/app/venv
# copy configuration/build files
COPY ./build /app/build/
COPY ./*.json ./*.js ./.babelrc /app/
# prevent caching stage 2 (if there are changes)
COPY src/sdg/scss/ /app/src/sdg/scss/
COPY src/sdg/js/ /app/src/sdg/js/
# install WITH dev tooling
RUN npm ci
# copy source code
COPY ./src /app/src
# build frontend
RUN npm run build
# Stage 3 - Build docker image suitable for production
FROM python:3.10-slim-bullseye
# Stage 3.1 - Set up the needed production dependencies
# install all the dependencies for GeoDjango
RUN apt-get update && apt-get install -y --no-install-recommends \
procps \
vim \
mime-support \
postgresql-client \
libxml2 \
libxmlsec1 \
libxmlsec1-openssl \
libexpat1 \
gettext \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY ./bin/docker_start.sh /start.sh
COPY ./bin/celery_worker.sh /celery_worker.sh
COPY ./bin/celery_beat.sh /celery_beat.sh
RUN mkdir /app/log
RUN mkdir /app/media
# copy backend build deps
COPY --from=backend-build /opt/venv/lib/python3.10 /usr/local/lib/python3.10
COPY --from=backend-build /opt/venv/bin/uwsgi /usr/local/bin/uwsgi
COPY --from=backend-build /app/src/ /app/src/
# copy frontend build statics
COPY --from=frontend-build /app/src/sdg/static /app/src/sdg/static
COPY --from=frontend-build /app/node_modules/flag-icon-css/ /app/node_modules/flag-icon-css/
# copy source code
COPY ./src /app/src
RUN useradd -M -u 1000 maykin
RUN chown -R maykin /app
# drop privileges
USER maykin
ARG COMMIT_HASH
ARG RELEASE
ENV GIT_SHA=${COMMIT_HASH}
ENV RELEASE=${RELEASE}
ENV DJANGO_SETTINGS_MODULE=sdg.conf.docker
ARG SECRET_KEY=dummy
# Run collectstatic, so the result is already included in the image
RUN python src/manage.py collectstatic --noinput
RUN python src/manage.py compilemessages
LABEL org.label-schema.vcs-ref=$COMMIT_HASH \
org.label-schema.vcs-url="https://github.com/maykinmedia/sdg-invoervoorziening" \
org.label-schema.version=$RELEASE \
org.label-schema.name="Single Digital Gateway Invoervoorziening"
EXPOSE 8000
CMD ["/start.sh"]